Report - www.g7jjf.com/riscos/PPCRPC.zip

Report Overview

Submitted URL
www.g7jjf.com/riscos/PPCRPC.zip
IP
79.99.42.22
ASN
#8560 IONOS SE
Submitted
2024-05-05 06:04:25
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.g7jjf.com	unknown	2002-10-22	2013-11-17	2024-01-23	485 B	7.7 MB	79.99.42.22

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.g7jjf.com/riscos/PPCRPC.zip
IP
79.99.42.22
ASN
#8560 IONOS SE

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
7.7 MB (7654942 bytes)
Hash
5bd4ee36f69488fb75c6272bdd079186
e3b9d88bd298e93bf3cb5f90b716dc0f7c185bad
ed62a00ea0639c384986c09baa229b46630f98d9588d4b0c983ba22227c00987

Archive (12)

Filename

Md5

File type

.DS_Store

e58496af18667fada2cf2aa5ad5865a1

Apple Desktop Services Store

._.DS_Store

e86c11b3d51d7a3a7ee390bbe6092820

AppleDouble encoded Macintosh file

cmos.ram

f9d85f15c8e03918146a6f1379ffc7e5

data

hd4.hdf

7ceed9982e9e82bc11790687c6edbc3e

data

.DS_Store

7ec672df7b7b3b1ac7523518a79d8c3d

Apple Desktop Services Store

._.DS_Store

e86c11b3d51d7a3a7ee390bbe6092820

AppleDouble encoded Macintosh file

HOSTFS.TXT

021fd3316270cba08b9b614431dc1d59

ASCII text, with CRLF line terminators

.DS_Store

95774ecfeae25276b1e476cee88193d3

Apple Desktop Services Store

._.DS_Store

e86c11b3d51d7a3a7ee390bbe6092820

AppleDouble encoded Macintosh file

roms.txt

87e506d00c7657d2a5a28c95e62b0b2a

ASCII text, with CRLF line terminators

rpc.cfg

811c5cc0115aa72c08e14e2c177aa52e

ASCII text

RPCEmu

52067ce5e960c56d91b0034462f1055a

Mach-O ppc executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL>

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	meth_get_eip
CAPEv2 YARA detection rules	malware	Cobalt Strike Beacon Payload

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	www.g7jjf.com/riscos/PPCRPC.zip	79.99.42.22	200 OK	7.7 MB
URL User Request GET HTTP/2 www.g7jjf.com/riscos/PPCRPC.zip IP 79.99.42.22:443 ASN #8560 IONOS SE Certificate IssuerLet's Encrypt Subjectg7jjf.com Fingerprint89:FE:14:FD:49:62:9B:79:5B:9F:75:9F:50:BE:A1:35:9D:E8:72:80 ValidityWed, 24 Apr 2024 07:44:24 GMT - Tue, 23 Jul 2024 07:44:23 GMT File type Zip archive data, at least v1.0 to extract, compression method=store Size 7.7 MB (7654942 bytes) Hash 5bd4ee36f69488fb75c6272bdd079186 e3b9d88bd298e93bf3cb5f90b716dc0f7c185bad ed62a00ea0639c384986c09baa229b46630f98d9588d4b0c983ba22227c00987 HTTP Headers `GET /riscos/PPCRPC.zip HTTP/1.1 Host: www.g7jjf.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 05 May 2024 06:03:54 GMT content-type: application/zip content-length: 7654942 last-modified: Fri, 26 May 2023 18:08:28 GMT etag: "6470f59c-74ce1e" x-powered-by: PleskLin accept-ranges: bytes X-Firefox-Spdy: h2`

www.g7jjf.com/riscos/PPCRPC.zip

79.99.42.22

200 OK

7.7 MB

URL User Request GET HTTP/2
www.g7jjf.com/riscos/PPCRPC.zip
IP
79.99.42.22:443
ASN
#8560 IONOS SE

Certificate
IssuerLet's Encrypt
Subjectg7jjf.com
Fingerprint89:FE:14:FD:49:62:9B:79:5B:9F:75:9F:50:BE:A1:35:9D:E8:72:80
ValidityWed, 24 Apr 2024 07:44:24 GMT - Tue, 23 Jul 2024 07:44:23 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
7.7 MB (7654942 bytes)
Hash
5bd4ee36f69488fb75c6272bdd079186
e3b9d88bd298e93bf3cb5f90b716dc0f7c185bad
ed62a00ea0639c384986c09baa229b46630f98d9588d4b0c983ba22227c00987

HTTP Headers

GET /riscos/PPCRPC.zip HTTP/1.1
Host: www.g7jjf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 06:03:54 GMT
content-type: application/zip
content-length: 7654942
last-modified: Fri, 26 May 2023 18:08:28 GMT
etag: "6470f59c-74ce1e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (12)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers